* kprobe pre_handler change return IP
@ 2013-10-17 12:57 Liuyongan
2013-10-19 16:00 ` Masami Hiramatsu
0 siblings, 1 reply; 3+ messages in thread
From: Liuyongan @ 2013-10-17 12:57 UTC (permalink / raw)
To: linux-kernel@vger.kernel.org; +Cc: Qianhuibin
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain; charset="utf-8", Size: 940 bytes --]
I use kprobe to probe a function suppose:
int is_winter(int num) { ... }
int replace_is_winter(int num) { ...}
I want to replace is_winter() with replace_is_winter(), so when we call is_winter, replace_is_winter will be called.
so:
int my_pre_handler(struct kprobe *p, struct pt_regs *regs)
{
regs->ip = (unsigned long)&replace_is_winter;
return 1;
}
and echo 0 > /proc/sys/debug/kprobes-optimization so that jump instruction will not be used.
I got a exception in fault_handler, and trap number is 14.
fault_handler: p->addr = 0xffffffffa08e201a, ip = ffffffff8021c59d, trap #14n
Anyone here can help me ?
ÿôèº{.nÇ+‰·Ÿ®‰†+%ŠËÿ±éݶ\x17¥Šwÿº{.nÇ+‰·¥Š{±þG«éÿŠ{ayº\x1dʇڙë,j\a¢f£¢·hšïêÿ‘êçz_è®\x03(階ŠÝ¢j"ú\x1a¶^[m§ÿÿ¾\a«þG«éÿ¢¸?™¨èÚ&£ø§~á¶iO•æ¬z·švØ^\x14\x04\x1a¶^[m§ÿÿÃ\fÿ¶ìÿ¢¸?–I¥
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: kprobe pre_handler change return IP
2013-10-17 12:57 kprobe pre_handler change return IP Liuyongan
@ 2013-10-19 16:00 ` Masami Hiramatsu
2013-10-21 6:15 ` Liuyongan
0 siblings, 1 reply; 3+ messages in thread
From: Masami Hiramatsu @ 2013-10-19 16:00 UTC (permalink / raw)
To: Liuyongan; +Cc: linux-kernel@vger.kernel.org, Qianhuibin
(2013/10/17 21:57), Liuyongan wrote:
> I use kprobe to probe a function suppose:
> int is_winter(int num) { ... }
> int replace_is_winter(int num) { ...}
> I want to replace is_winter() with replace_is_winter(), so when we call is_winter, replace_is_winter will be called.
>
> so:
> int my_pre_handler(struct kprobe *p, struct pt_regs *regs)
> {
> regs->ip = (unsigned long)&replace_is_winter;
> return 1;
> }
>
> and echo 0 > /proc/sys/debug/kprobes-optimization so that jump instruction will not be used.
>
> I got a exception in fault_handler, and trap number is 14.
>
> fault_handler: p->addr = 0xffffffffa08e201a, ip = ffffffff8021c59d, trap #14n
>
> Anyone here can help me ?
If you want to replace something with kprobes, the pre_handler must clean current_kprobe up.
Actually the same thing has been done in setup_detour_execution(). So, what you need to do is
> int my_pre_handler(struct kprobe *p, struct pt_regs *regs)
> {
> regs->ip = (unsigned long)&replace_is_winter;
reset_current_kprobe();
preempt_enable_no_resched();
> return 1;
> }
Happy hacking! ;)
Thank you,
--
Masami HIRAMATSU
IT Management Research Dept. Linux Technology Center
Hitachi, Ltd., Yokohama Research Laboratory
E-mail: masami.hiramatsu.pt@hitachi.com
^ permalink raw reply [flat|nested] 3+ messages in thread
* RE: kprobe pre_handler change return IP
2013-10-19 16:00 ` Masami Hiramatsu
@ 2013-10-21 6:15 ` Liuyongan
0 siblings, 0 replies; 3+ messages in thread
From: Liuyongan @ 2013-10-21 6:15 UTC (permalink / raw)
To: Masami Hiramatsu; +Cc: linux-kernel@vger.kernel.org, Qianhuibin
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain; charset="utf-8", Size: 2065 bytes --]
> -----Original Message-----
> From: Masami Hiramatsu [mailto:masami.hiramatsu.pt@hitachi.com]
> Sent: Sunday, October 20, 2013 12:00 AM
> To: Liuyongan
> Cc: linux-kernel@vger.kernel.org; Qianhuibin
> Subject: Re: kprobe pre_handler change return IP
>
> (2013/10/17 21:57), Liuyongan wrote:
> > I use kprobe to probe a function suppose:
> > int is_winter(int num) { ... }
> > int replace_is_winter(int num) { ...}
> > I want to replace is_winter() with replace_is_winter(), so when we call
> is_winter, replace_is_winter will be called.
> >
> > so:
> > int my_pre_handler(struct kprobe *p, struct pt_regs *regs)
> > {
> > regs->ip = (unsigned long)&replace_is_winter;
> > return 1;
> > }
> >
> > and echo 0 > /proc/sys/debug/kprobes-optimization so that jump instruction
> will not be used.
> >
> > I got a exception in fault_handler, and trap number is 14.
> >
> > fault_handler: p->addr = 0xffffffffa08e201a, ip = ffffffff8021c59d, trap
> #14n
> >
> > Anyone here can help me ?
>
> If you want to replace something with kprobes, the pre_handler must clean
> current_kprobe up.
> Actually the same thing has been done in setup_detour_execution(). So, what
> you need to do is
Great! It works.
As my_pre_handler() in another modules, I should export current_kprobe using
EXPORT_PER_CPU_SYMBOL(current_kprobe);
in arch/x86/kernel/kprobes.c right after current_kprobe's definition.
>
> > int my_pre_handler(struct kprobe *p, struct pt_regs *regs)
> > {
> > regs->ip = (unsigned long)&replace_is_winter;
>
> reset_current_kprobe();
> preempt_enable_no_resched();
>
> > return 1;
> > }
>
> Happy hacking! ;)
>
>
> Thank you,
>
> --
> Masami HIRAMATSU
> IT Management Research Dept. Linux Technology Center
> Hitachi, Ltd., Yokohama Research Laboratory
> E-mail: masami.hiramatsu.pt@hitachi.com
>
ÿôèº{.nÇ+‰·Ÿ®‰†+%ŠËÿ±éݶ\x17¥Šwÿº{.nÇ+‰·¥Š{±þG«éÿŠ{ayº\x1dʇڙë,j\a¢f£¢·hšïêÿ‘êçz_è®\x03(階ŠÝ¢j"ú\x1a¶^[m§ÿÿ¾\a«þG«éÿ¢¸?™¨èÚ&£ø§~á¶iO•æ¬z·švØ^\x14\x04\x1a¶^[m§ÿÿÃ\fÿ¶ìÿ¢¸?–I¥
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2013-10-21 6:16 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-10-17 12:57 kprobe pre_handler change return IP Liuyongan
2013-10-19 16:00 ` Masami Hiramatsu
2013-10-21 6:15 ` Liuyongan
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox